https://bugs.kde.org/show_bug.cgi?id=509837
Bug ID: 509837
Summary: Akonadi/DAV groupware ressource doesn't report failed
logins to user
Classification: Applications
Product: kdepim
Version First 6.5.2
Reported In:
Platform: NixOS
OS: Linux
Status: REPORTED
Severity: normal
Priority: NOR
Component: general
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---
SUMMARY
Hi, if the akonadi_davgroupware_resource is unable to login to e.g. Nextcloud
it seems to have no way to report this issue to the user. In the case of using
Nextcloud this results in getting banned by the brute-force detection.
STEPS TO REPRODUCE
1. Configure DAV with Nextcloud calendar.
2. Change user password in Nextcloud or for the DAV ressource.
OBSERVED RESULT
Getting your IP address throttled in Nextcloud. DAV agent state in Akonadi is
marked as "Ready" and "Online". It looks as happy as it can be in Akonadi
Console.
EXPECTED RESULT
Getting a dialog displayed informing me about failed login issues and maybe
asking for updated credentials. A failure state of the DAV agent in Akonadi is
expected as well.
ADDITIONAL INFORMATION
Logs only show a vague HTTP error "0".
org.kde.pim.davresource: Unable to fetch collections 300 "There was a problem
with the request.\nHTTP error (0)."
It does display the correct HTTP error "429" when throttled.
org.kde.pim.davresource: Unable to fetch collections 300 "There was a problem
with the request.\nHTTP error (429)."
I tested a generic PROPFIND with cURL to the same Nextcloud which gave me a
"HTTP/2 401" when using wrong credentials. So it looks to me like the problem
is NOT with Nextcloud giving HTTP 0 as a return code.
--
You are receiving this mail because:
You are watching all bug changes.
